Performing an automated compliance audit by vulnerabilities
US8893283B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 31, 2013 |
| Grant date | Nov 18, 2014 |
| Priority date | — |
| Expiry date | May 20, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1433
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An automated enterprise compliance auditing by vulnerabilities system including an enterprise asset database, a compliance regulation including compliance controls, a known asset vulnerabilities database including details of publicly known asset vulnerabilities, compliance control associating functionality to associate each of a set of audited assets with at least a subset of compliance controls of the compliance regulation, the audited assets being a subset of the enterprise assets, vulnerability mapping functionality to map each compliance control to a subset of the known asset vulnerabilities which may impact compliance of at least one of the audited assets therewith, asset scanning functionality to scan each audited asset to ascertain to which publicly known asset vulnerabilities the audited asset is vulnerable to, and numeric compliance score calculating functionality to, responsive to the associating, mapping and scanning, calculate for each audited asset, a numeric compliance score for each compliance control associated therewith.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.